package cn.com.miao.lynx.common.secure.config;

import lombok.AllArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;

/**
 * ResourceServerConfig
 *
 * @title: ResourceServerConfig
 * @description:
 * @author: dengmiao
 * @create: 2020-01-03 16:15
 **/
@Slf4j
@AllArgsConstructor
@Configuration
@EnableResourceServer
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true, jsr250Enabled = true)
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {

    private final AuthIgnoreProperties authIgnoreProperties;

    @Override
    public void configure(HttpSecurity http) throws Exception {
        String[] urls = authIgnoreProperties.getIgnoreUrls().stream().distinct().toArray(String[]::new);
        http
                .headers().frameOptions().disable()
                .and()
                .authorizeRequests().antMatchers(urls).permitAll()
                .anyRequest().authenticated()
                .and()
                .csrf().disable();
    }
}
